No 'Access-Control-Allow-Origin' header is present on the requested resource

In Postman this Post request runs just perfect:
var settings = {
“url”: “https://webservicesp.anaf.ro/AsynchWebService/api/v5/ws/tva”,
“method”: “POST”,
“timeout”: 0,
“headers”: {
“Content-Type”: “application/json”
},
“data”: JSON.stringify([{“cui”:2864518,“data”:“2021-03-29”}]),
};

$.ajax(settings).done(function (response) {
console.log(response);
});

But when I try to run it from from our WordPress web-store, from a .js file when leaving a field:
$(’#billing_cui’).blur(
function(){…

I get:
Access to XMLHttpRequest at ‘https://webservicesp.anaf.ro/AsynchWebService/api/v5/ws/tva’ from origin ‘https://…’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
webservicesp.anaf.ro/AsynchWebService/api/v5/ws/tva:1 Failed to load resource: net::ERR_FAILED

Hi @Valdinia, Welcome to Community!

It seems the endpoint which you are trying to use has CORS policy enabled. You need to pass headers like the one mentioned “Access-Control-Allow-Origin” in your error message.

Generally postman includes these headers by default. To verify this you can check for hidden or auto populated headers under header tab in postman else you can also find in postman console what all headers were sent in the request payload.

If policy is there you may need to pass extra headers to align with CORS policy in your JS script from wordpress.

Hope this helps :slightly_smiling_face:

Thank you for your answer!

Have you found a solution yet? i`m struggling with the same exact problem…